[Date Prev][Date Next] [Chronological] [Thread] [Top]

NIS to LDAP: a better way?

I've set up OpenLdap 2.0.18 to provide an authentication service based on
LDBM and /etc/passwd.  To keep LDAP and NIS synchronized, I have hacked the
NIS Makefile so that when it pushes the passwd map, it also uses
migrate_passwd.pl to produce a passwd.ldif file, and uses that first to add
entries to LDAP and then to modify entries,

This is a crappy solution!  Even if there is just one change to
/etc/passwd, every entry gets added and then modified, because I don't know
what the change to /etc/passwd might have been.  Also, it is buggy because
lines deleted from /etc/passwd don't get removed from LDAP.  And it takes
about 60 seconds to run.

It sort of works - but is there a better way to keep NIS and LDAP in step?

Norman Paterson, University of St Andrews